CloudWatch Logs
Access AWS CloudWatch logs to list log groups and read log entries.
CloudWatch Logs MCP Server
An MCP (Model Context Protocol) server that provides tools for accessing AWS CloudWatch logs. This server allows AI assistants to list log groups and read log entries from AWS CloudWatch.
Available Tools
list_groups
Lists available CloudWatch log groups.
Parameters:
prefix(optional): Log group name prefixregion(optional): AWS regionaccessKeyId(optional): AWS access key IDsecretAccessKey(optional): AWS secret access keysessionToken(optional): AWS session token
Returns: JSON string with the list of log groups, including logGroupName, creationTime, and storedBytes.
get_logs
Gets CloudWatch logs from a specific log group.
Parameters:
logGroupName(required): The name of the log grouplogStreamName(optional): The name of the log streamstartTime(optional): Start time in ISO format or relative time (e.g., "5m", "1h", "1d")endTime(optional): End time in ISO formatfilterPattern(optional): Filter pattern for the logsregion(optional): AWS regionaccessKeyId(optional): AWS access key IDsecretAccessKey(optional): AWS secret access keysessionToken(optional): AWS session token
Returns: JSON string with the log events, including timestamp, message, and logStreamName.
Setup
AWS Credentials
Ensure you have AWS credentials configured. You can set them up using the AWS CLI or by setting environment variables:
AWS_ACCESS_KEY_IDAWS_SECRET_ACCESS_KEY
Usage with Claude Desktop
Add the following to your claude_desktop_config.json:
{
"mcpServers": {
"cloudwatch-logs": {
"command": "python3",
"args": ["/path/to/cloudwatch-logs-mcp/main.py"],
"env": {
"AWS_ACCESS_KEY_ID": "<YOUR_ACCESS_KEY_ID>",
"AWS_SECRET_ACCESS_KEY": "<YOUR_SECRET_ACCESS_KEY>",
},
"disabled": false,
"autoApprove": []
}
}
}
Docker
If you prefer to run the server in a Docker container, you can set up a Dockerfile and use the following configuration:
{
"mcpServers": {
"cloudwatch-logs": {
"command": "docker",
"args": [
"run",
"-i",
"--rm",
"-e",
"AWS_ACCESS_KEY_ID",
"-e",
"AWS_SECRET_ACCESS_KEY",
"mcp/cloudwatch-logs"
],
"env": {
"AWS_ACCESS_KEY_ID": "<YOUR_ACCESS_KEY_ID>",
"AWS_SECRET_ACCESS_KEY": "<YOUR_SECRET_ACCESS_KEY>",
}
}
}
}
Implementation Details
This server is built using the FastMCP class from the MCP SDK, which provides a simple way to create MCP servers. The server exposes two main tools:
list_groups: Lists available CloudWatch log groupsget_logs: Reads log entries from specific log groups
Each tool is implemented as an async function decorated with @mcp.tool(). The server uses the boto3 library to interact with the AWS CloudWatch Logs API.
License
MIT
Related Servers
Remote MCP Server (Authless)
A remote MCP server without authentication, deployable on Cloudflare Workers.
Financial Data
Provides access to real-time and historical stock data from the Alpha Vantage API.
CData Sage Cloud Accounting
A read-only MCP server for Sage Cloud Accounting, powered by the CData JDBC Driver.
Rootly
Manage incidents on Rootly using your own API tokens via a Cloudflare Worker.
Authless Remote MCP Server
An authentication-free, remote MCP server designed for deployment on Cloudflare Workers.
Amazon Marketplace by CData
Query live Amazon Marketplace data using CData's read-only MCP server.
Cyclops MCP
Manage Kubernetes applications safely by creating and updating Cyclops Modules for AI agents.
MCP Server for Oracle Cloud Infrastructure (OCI)
Model Context Protocol (MCP) server for Oracle Cloud Infrastructure, allowing LLMs like Claude to interact directly with OCI resources
Autumn MCP Server
An unofficial MCP server for the Autumn pricing API to manage customers, entitlements, invoices, and billing portal links.
CoSense
An MCP server for interacting with the CoSense collaborative sensemaking platform, supporting public and private projects.